SUSE-SU-2018:3498-1

Опубликовано: 26 окт. 2018

Источник: suse-cvrf

Описание

Security update for lcms2

This update for lcms2 fixes the following issues:

CVE-2018-16435: A integer overflow was fixed in the AllocateDataSet function in cmscgats.c, that could lead to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. (bsc#1108813)

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15

liblcms2-2-2.9-3.3.1

liblcms2-devel-2.9-3.3.1

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20183498-1/
Link for SUSE-SU-2018:3498-1
https://lists.suse.com/pipermail/sle-security-updates/2018-October/004801.html
E-Mail link for SUSE-SU-2018:3498-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1108813
SUSE Bug 1108813
https://www.suse.com/security/cve/CVE-2018-16435/
SUSE CVE CVE-2018-16435 page

Описание

Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15:liblcms2-2-2.9-3.3.1

SUSE Linux Enterprise Module for Basesystem 15:liblcms2-devel-2.9-3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-16435.html
CVE-2018-16435
https://bugzilla.suse.com/1108813
SUSE Bug 1108813

SUSE-SU-2018:3498-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15

Ссылки

Уязвимость: CVE-2018-16435

Описание

Затронутые продукты

Ссылки